/**
 * 路由公共文件
 */

const db = require('../db/menus');

/**
 * 验证权限方法
 * @param  {...any} codes 要验证的菜单code
 */
const authorization = (...codes) => {
    return async (ctx, next) => {
        const { id } = ctx.state.user;
        const result = await db.authorization(id, codes);
        if (result) {
            return await next();
        }
        ctx.status = 403;
    }
}

module.exports = {
    authorization
}